Subject: RISKS DIGEST 13.28 REPLY-TO: risks@csl.sri.com RISKS-LIST: RISKS-FORUM Digest Monday 16 March 1992 Volume 13 : Issue 28 FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator Contents: "British plug in" (Grant Grundler) Airport parking is expensive, but ... [this is ridiculous] (Tsutomu Shimomura) Computer-Aided Robbery at Clydesdale Bank (Brian Randell) X-15 reliability experience (Henry Spencer) Fly-by-wire SAAB (Brian Randell) Corporate Strategies for Info Protection, Ethics and Privacy (Sanford Sherizen) RISKS backlog (PGN) Re: American Mice (Mouse interference) (Scott Colwell, Rob Warnock, Craig, Brian Rossmajer, Bob_Frankston) Registration for IEEE SRSP (Research in Security and Privacy) (Liz Luntzel) The RISKS Forum is moderated. Contributions should be relevant, sound, in good taste, objective, coherent, concise, and nonrepetitious. Diversity is welcome. CONTRIBUTIONS to RISKS@CSL.SRI.COM, with relevant, substantive "Subject:" line. Others may be ignored! Contributions will not be ACKed. The load is too great. **PLEASE** INCLUDE YOUR NAME & INTERNET FROM: ADDRESS, especially .UUCP folks. REQUESTS please to RISKS-Request@CSL.SRI.COM. Vol i issue j, type "FTP CRVAX.SRI.COMlogin anonymousAnyNonNullPW CD RISKS:GET RISKS-i.j" (where i=1 to 13, j always TWO digits). Vol i summaries in j=00; "dir risks-*.*" gives directory; "bye" logs out. The COLON in "CD RISKS:" is essential. "CRVAX.SRI.COM" = "128.18.10.1". =CarriageReturn; FTPs may differ; UNIX prompts for username, password. ALL CONTRIBUTIONS CONSIDERED AS PERSONAL COMMENTS; USUAL DISCLAIMERS APPLY. Relevant contributions may appear in the RISKS section of regular issues of ACM SIGSOFT's SOFTWARE ENGINEERING NOTES, unless you state otherwise. ---------------------------------------------------------------------- Date: Thu, 12 Mar 92 16:25:55 PST From: grant@oas.olivetti.com (Grant Grundler) Subject: "British plug in" This is so absurd I should consider submitting it to rec.humor.funny. My guess is a lot of companies put plugs on anyway and the law finally caught up - I just can't imagine it any other way. The British Plug In (San Jose Mercury News, 2 Feb 1992) Britain has just announced that makers of electrical appliances in that country must begin to attaching plugs to the ends of electrical cords. Britons, for we don't know how long, have been required to buy plugs and attach them to their new toasters, irons and electrical what have yous. But now the Royal Society for the Prevention of Accidents, citing its research into the matter, says it was surprised to learn that "it is common practice everywhere else in the world to sell electrical goods with a plug attached." [And now, a plug for the Royal Society... PGN] ------------------------------ Date: Thu, 12 Mar 92 15:09:34 -0700 From: tsutomu@NO-SENSE.LANL.GOV (Tsutomu Shimomura) Subject: Airport parking is expensive, but ... [this is ridiculous] One of the San Diego off-airport parking outfits gave me a "time in" ticket dated February 30 (you can guess the real date). When I returned to retrieve my car on March 6th, I was presented with a demand for $3771.00 (at $11/day, $1/hour), to be paid before I was allowed to leave the lot. The garage attendant decided that this wasn't quite right, reentered the date into his "computer", and was again told that I was to pay $3771.00. At this point the manager was called for help (the exit line was getting quite long). I have a receipt here for $3771.00 for "parking". The travel accounting people are going to have fun with this one... :-) Tsutomu Shimomura tsutomu@LANL.GOV Los Alamos National Laboratory Los Alamos, NM 87545 ------------------------------ Date: Fri, 13 Mar 92 10:09:10 GMT From: Brian.Randell@newcastle.ac.uk Subject: Computer-Aided Robbery at Clydesdale Bank The item below is reprinted in its entirety, from today's Independent, a UK national newspaper. I do not recall any previous reports in RISKS of similar cases of in-house "high-tech" cash dispenser robbery - but I must admit I have not followed the stream of cash dispenser stories closely. Brian Randell ==================== ROBBER 'FOILED BANK SYSTEM' An electronics expert stole more than (pounds) 17,000 in a high-tech robbery spree, plundering dozens of accounts from automatic cash dispensers at banks, Paisley [Scotland] Sheriff Court was told yesterday. Clydesdale Bank chiefs claimed their dispensing system was foolproof and told angry customers that members of their own households must have been responsible for making withdrawals without their knowledge. Anthony Pratt, 32, a bank engineer, used a hand-held computer inside bank premises to record transactions being made by customers at "hole-in-the-wall" machines outside. He recorded the customer's secret number and later used it on plastic cards he made with magnetic strips. Pratt, of East Kilbride, was finally arrested after he took cash from a machine in Glasgow. He admitted conspiracy to rob and robbery. Sentence was deferred for reports until 2 April. Computing Laboratory, The University, Newcastle upon Tyne, NE1 7RU, UK Brian.Randell@newcastle.ac.uk PHONE = +44 91 222 7923 FAX = +44 91 222 8232 ------------------------------ Date: Sun, 15 Mar 92 20:11:54 EST From: henry@zoo.toronto.edu (Henry Spencer) Subject: X-15 reliability experience On reading the Proceedings of the X-15 First Flight 30th Anniversary Celebration (NASA CP-3105, Jan 1991), I ran across a section of some relevance to Risks. Insertions in [] are mine. In 1962, a very comprehensive, but little known, study was initiated by Bob Nagle at AFFTC to quantify the benefits of having a pilot and redundant-emergency systems [this seems to be essentially a buzzword for "redundant systems"] on a research vehicle. Each individual malfunction or abnormal event that occurred after B-52 [X-15 launch aircraft] takeoff for the first 47 free flights of the X-15 was analyzed. The outcome of each event was forecast for three hypothetical models; one with only the pilot but no redundant-emergency systems, one with only the redundant-emergency systems but with no pilot, and one with neither the pilot nor redundant-emergency systems (i.e. single-string [buzzword for no redundancy], unmanned). [The bar chart of results shows an expected failure rate of over 50% for the "neither" configuration, with many of the failures destroying aircraft. Adding just a pilot or just redundant systems produces only small improvements. Adding both takes the failure rate down to near zero and eliminates aircraft losses.] [Referring to the graph.] The unmanned, single-string system would have had 11 additional aborts and resulted in the loss of 15 X-15s. [The actual program built only three!] Not surprising is the fact that the pilot is of little value in a system without redundant-emergency systems. He must have some alternate course available in order to be effective. The redundant-emergency systems were also found to be of little value in an unmanned system primarily because the fault detection and switchover logic must presuppose the type of failure or event. For example, few designers would have built in a capability to handle an inadvertent nose gear extension at Mach 4.5. [That last refers to something that actually happened to an X-15. Landing gear is normally designed to be extended at a maximum of a few hundred MPH. Having gear extend at 3000+ MPH is a horrifying prospect, but the X-15 was landed safely with minor damage to the aircraft and the pilot unhurt.] Of more than academic interest was a parallel, but independent, study conducted by Boeing on the first 60 flights of their BOMARC missile, an unmanned, single-string, ramjet-powered interceptor. The authors collaborated on the ground rules for the study but not on the actual analysis. The similarity of the results [a virtually identical bar chart] is striking, especially when considering that the X-15 study was projecting from a piloted, redundant design to an unpiloted, nonredundant design, and the BOMARC study was the reverse... ("X-15 Contributions to the X-30", Robert G. Hoey, pp 103-121.) Henry Spencer at U of Toronto Zoology henry@zoo.toronto.edu utzoo!henry ------------------------------ Date: Thu, 12 Mar 92 11:03:25 GMT From: Brian.Randell@newcastle.ac.uk Subject: Fly-by-wire SAAB The following article appeared in the Wednesday 11 March 1992 issue of The Independent, a (quality) national paper here in the UK. It is quoted in its entirety, except for the umlaut over the "a" in "Branneby", without permission. (On a recent flight I took, as we taxied to the terminal after touch down, the pilot thanked the passengers for flying with the particular airline, and pointedly remarked that the safest part of our journey had just been completed :-) Brian Randell ============= COMPUTER SYSTEMS DEVELOPED FOR AIRCRAFT ARE BEING ADAPTED FOR USE ON THE ROAD. Susan Watts reports CAR FIRM FORGES AHEAD WITH DRIVE-BY-WIRE PROTOTYPE SAAB, the Swedish car maker, seems untouched by recent controversy over fly-by-wire aircraft, and is pressing ahead with plans for a drive-by-wire car. Fly-by-wire aircraft rely on software controls to a far greater extent than conventional aircraft. Three fatal crashes of the A320 aircraft have raised fears over the safety of such systems, and how easy they are to fly. Saab's parent, the Saab Scania Group, has experience of computer-controlled transport, having built the Grippen fly-by-wire fighter aircraft. Its automotive engineers have produced a prototype computer-controlled car. The Independent took a brief test drive yesterday. The car felt very smooth to drive, and remarkably easy to handle, although we did only a few miles an hour. Saab concedes that safety fears could be one of the biggest obstacles to selling such a radical change in car design. But it predicts that by the time the car is in production people will be more confident about computer-controlled transport. There is no steering wheel, but a joystick to one side of the driver. There is no mechanical link between the joystick and the wheels a computer intervenes to control and optimise the hydraulic steering. The car has a back-up control system that performs the same basic tasks as the computer, but uses traditional electronics. This is ready to switch into action if any part of the computer fails, or the driver hits an emergency "stop" button. To steer, the driver turns the joystick from side to side, and the computer translates this into wheel movement. The car senses the driver's movements on the joystick, translates these into the optimum wheel angles and feeds back information to the driver by altering the response felt through the joystick. At low speeds, for manoeuvres such as parking, a small movement of the joystick produces a large change in direction of the wheels. At higher speeds this relationship changes, so a larger movement of the joystick is needed to shift the wheels. The prototype has a computer keyboard and flat-screen display in the passenger seat, so the driver can modify the software to change the "feel" of the joystick. Per Branneby, the Saab test engineer who heads the steer-by-wire project, said: "I can make it feel like a go-kart or an American limousine." The idea is that driving without a steering wheel is physically safer, because you can fit an airbag where the steering wheel would be and avoid the crushing injuries often sustained by drivers in accidents. It should also be safer because the computer and hydraulics in between the wheels and the joystick filter out "noise" from the road that would normally make the steering wheel shake and judder such as stones in the road or gusty winds. Mr Branneby said drivers get most of the information they need to steer the car by monitoring sideways forces on their seat. In the Saab car, the computer is fed data from sensors that tell it about these forces, as well as the car's speed and acceleration. The car does not sense the environment it is in, so cannot respond automatically and change its steering to deal with a bumpy or icy road, or a skid. This is the next stage in Saab's research. The two-litre Saab 9000 Turbo used to test the active steering has automatic gears and anti-lock brakes and a conventional accelerator, although Mr Branneby said these may eventually be linked to the central computer. He does not envisage production models of cars using steer-by-wire joysticks until 2010 or 2015, although a version with active steering applied to a conventional steering wheel may come sooner. He also said a production model would probably have two joysticks one for each arm so the driver can swap the arm in control. Computing Laboratory, The University, Newcastle upon Tyne, NE1 7RU, UK Brian.Randell@newcastle.ac.uk PHONE = +44 91 222 7923 FAX = +44 91 222 8232 ------------------------------ Date: Fri, 13 Mar 92 07:06:38 -0800 From: gnu@toad.com Subject: Bugging ISDN ------- Forwarded Message Date: Thu, 12 Mar 92 19:15 GMT From: Sanford Sherizen <0003965782@mcimail.com> Subject: Corporate Strategies for Information Protection, Ethics and Privacy As the Conference Program Director, I would like to invite readers of RISKS to attend an important upcoming executive briefing entitled AVOIDING MANAGERIAL LIABILITY: DEVELOPING CORPORATE STRATEGIES FOR INFORMATION PROTECTION, ETHICS AND PRIVACY Sunday evening, April 26 and all day Monday, April 27, 1992 at Bentley College, Waltham, Mass. Sponsored by the Center for Business Ethics at Bentley College Managers are on the hotseat. They are increasingly being given responsibilities for information protection, ethics and privacy issues. The emphasis of this briefing will be on how managers can best respond to these challenges. Technological developments are intensifying protection, ethics and privacy as business problems. The Federal Sentencing Guidelines and other legal decisions are defining senior managers as directly responsible for developing corporate conduct rules and programs to deter organizational and employee wrongdoing. The media and public opinion are more clearly defining appropriate and inappropriate activities. Managers need assistance to understand these complex issues and to select appropriate business policy choices. Those attending this briefing will: Evaluate information protection, ethics and privacy issues in managerial/business terms; Hear successful policy choices, options and tradeoffs; Learn how to respond appropriately to these issues; Have an opportunity to network with peers from around the nationa who are facing similar decisions. John Poduska, a respected figure in the computer field, will give the keynote address on Sunday evening. On Monday, there will be overview presentations on technology, law, and ethics strategies. Joe Murphy, co-editor of Corporate Conduct Quarterly, will give a luncheon speech on the Federal Sentencing Guidelines. Small interactive discussion groups will be formed to evaluate scenario and to discuss specific strategies. The day will end with general sessions and idea exchanges. The fee for this exciting day-and-a-half conference will be $300. That includes the program, a reception, all meals and informative briefing materials. For further information, contact the Center for Business Ethics, Bentley College, 175 Forest Street, Waltham, MA 02154-4705, (617) 891-2981. Specific questions can also be sent to me by E-mail at MCI Mail 396-5782. Sanford Sherizen, Data Security Systems, Natick, Mass. ------------------------------ Date: Mon, 16 Mar 92 14:45:03 PST From: RISKS Forum Subject: Backlog The backlog is excessive, I was overly busy, and our computer systems suffered several outages at times that might otherwise have permitted me to put out another issue. Sorry for the delay. However, the backlog is mostly second- and third-order stuff, which may or may not get included in the future, depending. During the previous week I think I was too permissive, so I am likely to swing back the other way for a while. Thanks for your patience. PGN ------------------------------ Date: Wed, 11 Mar 92 13:46:09 +1000 From: scott@labtam.labtam.oz.au (Scott Colwell) Subject: Mice do roar! was re: Mouse restrictions on American Airlines [John Bartlett tells of his encounter with a flight attendant over the regulations restricting the use of external mice (mouses?)] Just 2 weeks ago I attended the RFI emission testing of our one of our X terminals and where did the major emission come from? If you guessed the mouse then you're right. A major source of emissions from equipment in the VHF band is the cables. They act as antennas, radiating whatever noise is on the circuits that connect to them. Mouse cables are often the worst offender since they are rarely shielded. So there is a very definite technological basis for this regulation but perhaps the problem could be covered better. I would prefer to see the regulation require that the mouse have FCC class B or CISPR 22 class B approval if this reduces the RFI levels to suitable levels. If this does not remove the problem then a new more stringent standard needs to be developed. But if a lower level of RFI is required, then why don't the laptops themselves interfere with navigation instruments ? It is risky in the least to assume that removing the mouse will turn an FCC class B laptop into a significantly quieter device. (By the way, leaving the mouse plugged in will most likely still radiate regardless of whether it is used or not.) Scott Colwell Labtam Australia Pty. Ltd. net: scott@labtam.labtam.oz.au Melbourne, Australia phone: +61-3-587-1444 ------------------------------ Date: Mon, 9 Mar 92 08:37:06 GMT From: rpw3@rigden.wpd.sgi.com (Rob Warnock) Subject: Re: Mouse restrictions on American Airlines (Frankston, RISKS-13.26) But there very well may be [a difference]. I have seen cases in which *significant* interference was radiated from an external mouse cable [into a nearly audio input, as it happened]. All it takes is the airline running into one such case, and they will tend to ban the entire class of device. Such is the reasoning which [correctly, in my view] led to the banning quite a few years ago of "pin printers" on airplanes. When I would ask if I could use my portable computer [back then it was required that you ask], the answer was always, "Yes, but not if it has a printer on it." Seems the output drivers for the pins radiated a lot. These days, the boogyman de jure may be external mice. I don't doubt that they've seen at least one such case... Rob Warnock, MS-9U/510 Silicon Graphics, Inc., 2011 N. Shoreline Blvd., Mountain View, CA 94039-7311 (415)335-1673 rpw3@sgi.com ------------------------------ Date: Mon, 9 Mar 92 01:29:08 PST From: news@pixar.com (Usenet Newsmaster, good@pixar.com) Subject: Re: Mouse restrictions on American Airlines (Frankston, RISKS-13.26) There is a potentially big difference. The wire leading to the mouse could make a wonderful transmitting antenna through which the RF soup in your shielded computer might leak out. Remember that it is only by the airline's good graces that you're allowed to use the computer at all. Electronic devices such as computers, radios and TV's are all potential sources of RF interference. Only radios and TVs are typically banned because of the specific way in which they interfere with VOR recievers. My guess is that American has traced some interference to the use of a mouse. Other airlines can't be far behind. Let's find ways to cooperate before the NTSB has to put the use of a mouse as a probable cause for an accident. I'd rather know that the aircraft's navigation equipment is working without interference than use a mouse. But then I *am* typing this on a PowerBook. --Craig ------------------------------ Date: Sun, 8 Mar 92 14:26:05 EST From: Brian Rossmajer Subject: Risky humour Several people have mentioned that mouse cords can affect aircraft instrumentation. What are the known effects of, say, a six-foot mouse cord on the altimeter of an Airbus 320? bwrossmajer@descartes.waterloo.edu (Brian W. Rossmajer) ------------------------------ Date: Mon 9 Mar 1992 09:15 -0500 From: Subject: Antennas To all of you pointing out that a mouse cord can act as an antenna. Yes, I know it is possible, but was just passing on another's comment and didn't want to confuse the issue by adding my own editorial commentary. While I realize that air safety is a crucial issue, the airlines should have some of the burden of establishing a rational policy . If there is a significant danger from mouse cords, then they should explain and substantiate it. Otherwise, I'll confine all my flying to red-eyes since I'll have to treat airplanes as being good only for sleeping. If I'm awake, who knows what damage I'd do. On a slightly more serious note, are the electronics in airplane's all that fragile? Is a laptop computer really worse than a thunderstorm? Are camcorders allowed? Handheld LCD games? Flashbulbs? As our electronics become more mobile, the airlines have an opportunity to be compete the for the best environment. Some will provide travellers with better ways to work while travelling while others will offer an electronics-free environment for relaxation. Of course, the nonE flights would mean you can't even write a letter home without learning how to write with a pen (remember those?) ------------------------------ Date: Mon, 16 Mar 92 14:47:01 -0800 From: Elizabeth Luntzel Subject: Email registration for IEEE SRSP [Program from RISKS-13.05 repeated] [This is an annual meeting of the security research community, for serious security folks, and is usually an outstanding gathering. Space limited, register early. See you there? PGN] 1992 SYMPOSIUM ON RESEARCH IN SECURITY AND PRIVACY, 4-6 May 1992 REGISTRATION INFORMATION ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ 7:00am: Registration opens 8:45--9:00: Welcoming Remarks: Deborah Cooper, John McLean 9:00--10:30: DISTRIBUTED SYSTEMS: John Rushby, Session Chair 9:00-- 9:30: On Inter-Realm Authentication in Large Distributed Systems Virgil Gligor, Shyh-Wei Luan, Joseph Pato 9:30--10:00: Integrating Security in a Group Oriented Distributed System Michael Reiter, Kenneth Birman, Li Gong 10:00--10:30: Authorization in Distributed Systems: A Formal Approach Thomas Woo, Simon Lam 11:00--12:00: COVERT CHANNELS: Tom Berson, Session Chair 11:00--11:30: Lattice Scheduling and Covert Channels Wei-Ming Hu 11:30--12:00: The Influence of Delay Upon an Idealized Channel's Bandwidth Ira Moskowitz, Allen Miller 12:00--2:00: LUNCH (included in registration) 2:00--3:00: INTEGRITY: Dick Kemmerer, Session Chair Marshall Abrams, Ed Amoroso, Teresa Lunt, James Williams 3:30--5:00: CRYPTOGRAPHIC PROTOCOLS: Dan Nessett, Session Chair 3:30--4:00: Encrypted Key Exchange: Password-Based Protocols Secure Against Dictionary Attacks Steven Bellovin, Michael Merritt 4:00--4:30 On Message Integrity in Cryptographic Protocols Stuart Stubblebine, Virgil Gligor 4:30--5:00: Roles in Cryptographic Protocols Einar Snekkenes 5:30 RECEPTION (good food and drinks, on the house) 8:00: POSTER SESSIONS TUESDAY 9:00--10:30: SECURITY MODELS: George Dinolt, Session Chair 9:00-- 9:30: The Typed Access Matrix Model Ravi Sandhu 9:30--10:00: A Resource Allocation Model for Denial of Service Jonathan Millen 10:00--10:30: Non-Monotonic Transformation of Access Rights Ravi Sandhu, Gurpreet Suri 11:00--12:00: INFORMATION FLOW: Dale Johnson, Session Chair 11:00--11:30 A Logical Approach to Multilevel Security of Probabilistic Systems James Gray, Paul Syverson 11:30--12:00 Using Traces of Procedure Calls to Reason About Composability Catherine Meadows 12:00--2:00: LUNCH (included in registration) 2:00--3:00: INVITED SPEAKER: John McLean, Session Chair 2:00--3:00 Security in Distributed Systems Butler Lampson 3:30--5:00: CONCURRENCY CONTROL: Tom Haigh, Session Chair 3:30--4:00: A Multilevel Transaction Problem for Multilevel Secure Database Systems and Its Solution for the Replicated Architecture Oliver Costich, John McDermott 4:00--4:30: A Two Snapshot Algorithm for Concurrency Control Algorithm in Secure Multi-Level Databases Paul Ammann, Frank Jaeckle, Sushil Jajodia 4:30--5:00: Alternative Correctness Criteria for Concurrent Execution of Transactions in Multilevel Secure Database Systems Sushil Jajodia, Vijayalakshmi Atluri 5:00: MEETING OF THE IEEE Technical Committee on Security and Privacy 8:00: POSTER SESSIONS WEDNESDAY 9:00--10:30: SYSTEMS: Tanya Korelsky, Session Chair 9:00-- 9:30: Evolution of a Trusted B3 Window System Prototype Jeremy Epstein, John McHugh, Rita Pascale, Charles Martin, Douglas Rothnie, Hilarie Orman, Ann Marmor-Squires, Martha Branstad, Bonnie Danner 9:30--10:00: A Neural Network Component For An Intrusion Detection System Herve Debar, Monique Becker, Didier Siboni 10:00--10:30: An Optimal Solution to the Secure Reader Writer Problem Glenn Benson 11:00--12:00: DATABASE SECURITY: John Dobson, Session Chair 11:00--11:30: Security for Object-Oriented Database Systems Jonathan Millen, Teresa Lunt 11:30---12:00 A Natural Decomposition of Multi-level Relations Frederic Cuppens, Kioumars Yazdanian 12:00--12:15: AWARDS 12:15: SYMPOSIUM ADJOURNS ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ ADVANCE (Mar/9/92 TO Mar/23/92) MEMBER $230 NONMEMBER $290 STUDENT $ 50 LATE (Mar/24/92 TO Apr/10/92) MEMBER $280 NONMEMBER $360 STUDENT $ 50 Since payment must be in US dollars only, please WIRE FEE to Account Name: 1992 SYMP on RESRCH SEC & PRIVACY Bank and Address: Home Savings of America 1800 North Sepulveda Boulevard Manhattan Beach, CA 90266-9977 Bank Routing Number: 322070006 Bank Account Number: 1369041221 AND fax a copy of the wiring information to Liz Luntzel, 1 415 859-2844, so we know you've paid. ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ You may email the following information to me, luntzel@csl.sri.com, to register for the symposium. Name: Company: Mail Stop: Street Address: City/State/Zip/Country: Phone Number: IEEE or IEEE Computer Society Member Number: Do You Wish to Present at a Poster Session? Have you participated in any recent research, development, or evaluation project in computer Security? If so, please name the project and the area of computer security: cut:^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ CLAREMONT RESORT REGISTRATION: (YOU MUST REGISTER DIRECTLY WITH THE CLAREMONT.) Cut-off Date: April 2, 1992 1992 IEEE Symposium on Research in Security and Privacy, May 4-6, 1992 Check-in time is after 3:00pm; check-out is 12:00 noon SINGLE: DOUBLE: (2 persons/1 bed) DOUBLE DOUBLE (2 persons/2 beds) All reservations must be accompanied by an advance deposit or credit card guarantee. You may cancel your individual reservations up to 72 hours prior to arrival, after which your deposit becomes nonrefundable. The telephone number of the hotel is: (415)843-3000 To reserve Oakland Airport Transportation, please call 24 hours in advance to (415)843-3000, x133. Group Rates: $91 Single $103 Double Name: (sharing with): Company/Group: Street Address: City/State/Zip/Country:: I WILL ARRIVE ON (DAY) ____ (DATE):____ I WILL DEPART ON (DAY) ____ (DATE):____ I WILL GUARANTEE MY RESERVATION WITH: ADVANCE DEPOSIT: ____ CREDIT CARD: ____ Type: Expiration Date: Please mail this section of the form with your payment to: The Claremont Resort Ashby & Domingo Avenues Oakland, CA 94623-0363 cut:^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ Delta Airlines, Inc., is offering special fares to the Symposium. These fares are based on Delta's published round-trip fares within the U.S. and San Juan. A 5% discount off any published fare (except group, military, government contract, Visit USA, and Delta's Canadian fares), providing all rules and conditions of the airfare are met; a 45% discount off the unrestricted Coach (Y,YN,Y1) fare. Seven days advance reservations and ticketing is required. Exceptions: Travel from Delta's Canadian cities will apply at 40% discount, and travel solely on Delta Connection Carriers will appy at a 35% discount. To take advantage of these discounts, call Delta, or have your travel agent call, at 1-800-241-6760, for reservations (8-11:00pm EST daily). Refer to file number H0575. Certain restrictions may apply and seats are limited. These discounts are available only through Delta's toll-free number. ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ If you need any further information, including an on-line or FAX copy of the program, please email me. We look forward to seeing you at the Symposium! Liz Luntzel (Teresa Lunt's Assistant) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ ------------------------------ End of RISKS-FORUM Digest 13.28 ************************